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DETAILED ACTION 

Claims 1-11 have been considered. 

Title 

5 

A new title is suggested by the examiner. The current title "Document Transmission Techniques 
II" is not descriptive. The examiner suggests "Authentication Method in a Printing Environment". A new 
10 title is suggested but not required. 



Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness 

1 5 rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
20 Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-4 and 8-10 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Mandelbaum, EP Patent No. 0671830A2, in view of DeBry, U.S. Patent No. 6,385,728. 

25 

As per claims 1 and 10, the applicant describes a document printout device for receiving and 
printing out digital documents, the printout device comprising: 

a) a store of digital certificates, each certificate being associated with a received digital document 
(DeBry: Col 9, lines 16-27); 

30 b) an audit log comprising a list of received document entries, each entry containing a reference 

to one of the certificates in the store and a unique identifier associated with a received digital document 
(Mandelbaum: Col 7, lines 7-13; Table 404 of Fig 4); 
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The applicant discloses a system in a printing environment where authentication takes place of a 
user before a user is allowed to print a document. The system is constructed so that a sender sends his 
certificate so that he can be authenticated by the end printer or fax machine. The end printer or fax 
machine than places the certificate in a store and places an entry for a document to be printed in a log 
5 until authentication has taken place. 

Mandelbaum discloses a system in a printing environment which has the same goal of 
authenticating the intended recipient before a document is allowed to print. Mandelbaum also discloses 
part b, the idea of the audit log. Table 404 of Fig 4 illustrates what the audit log looks like. The audit log 
also accounts for a unique identifier of the messages, which is the listing of the recipient and fax number. 

10 The recipient can then enter an identifier in the fax machine and print his document once authentication 
has taken place (Col 7, lines 7-13). The log also accounts for a reference to a digital certificate by way of 
the flag specifying whether the message was sent using the public key of the recipient or the private key 
of the sender. If the message was sent using the private key of the sender, a method of obtaining the 
public key of the sender is needed. A common way of obtaining the public key of someone is through 

15 their digital certificate. 

Mandelbaum fails to disclose part a), which is the use of a store of certificates. DeBry discloses a 
similar printing environment, which is applicable to fax machines (Col 12, lines 19-21), in which a store of 
certificates is maintained. Regarding part a), the applicant writes, "The receiving step preferably 
comprises receiving a digital certificate of the sender... This method may further comprise carrying out an 

20 on-line check of the validity of the sender's certificate. This feature provides increased security as the 

authenticity of the sender can be verified via an independent certificate issuing authority" (Applicant: Page 
7). DeBry discloses that the user or sender in the system sends a digital certificate to the print server. 
The print server may authenticate the user online through a certificate authority. The certificate is stored 
at the print system so that the printer can use the user's public key to decrypt a random message sent 

25 between the user and the printer. Since DeBry discloses that end-users submit print jobs (Col 9, lines 33- 
34), it is inherent in the design that the print server retains more than one certificate so that it can validate 
more than one end-user. 
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It would have been obvious to one of ordinary skill in the art at the time the invention was filed to 
add the idea of retaining certificates as disclosed by DeBry to the system of Mandelbaum because a 
certificate serves the purpose of providing a public key of a sender and verifying that the sender is who he 
purports to be. Since a sender in Mandelbaum's system can encrypt a message using his private key 
5 (Mandelbaum: Col 2, lines 50-53), it would have been obvious to maintain the digital certificate of the 
sender so that the recipient can have quick access to the sender's public key. Since table 404 of 
Mandelbaum already references whether a sender's private key is used, it would have been obvious to 
have a quick secure way to obtain the sender's public key to decrypt the message when the flag is set. 
The applicant should note that while Mandelbaum discloses that a smart card could be used to 

10 decrypt the encrypted message, Mandelbaum also discloses that decryption can take place simply after a 
user enters a login and password (Col 2, lines 35-37). This means that decryption can take place on the 
fax apparatus, so the fax apparatus would need to have a store of sender's public keys for decryption of 
messages encrypted with a sender's private key. This store could be accomplished through a certificate 
store where the public keys of the senders are in the sender's certificates. 

15 Regarding claim 10, both Mandelbaum (Abstract) and DeBry (Col 12, lines 19-21) disclose the 

use of a fax machine environment. 

As per claim 2, the applicant describes a device according to claim 1, which is met by 
Mandelbaum in view of DeBry (see above), with the following limitation which is met by DeBry: 
20 Wherein the device is arranged to carry out an on-line authentication of a received certificate held 

in the store of received documents (DeBry: Col 9, lines 16-27); 

The use of carrying out an on-line authentication of a received certificate through a certificate 
authority is disclosed by DeBry. 

25 As per claim 3, the applicant describes a device according to claim 2, which is met by 

Mandelbaum in view of DeBry (see above), with the following limitation which is met by DeBry: 
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Wherein the device is arranged to carry out a batch of on-line authentications of received 
certificates held in the store of received documents (DeBry: Col 9, lines 16-27); 

If more than one end-user sends the print server his certificate at the same time, authentication 
would take place in batch. 

As per claim 4, the applicant describes the device of claim 1, which is met by Mandelbaum in 
view of DeBry (see above), with the following limitation which is met by DeBry: 

Wherein each entry in the audit log contains a digest of the received document to which it relates 
(DeBry: Col 5, lines 62-66; Col 6, lines 1-2); 

DeBry discloses an audit log for a file server to manage which jobs are being processed in the 
printing environment. Each entry in the audit log corresponds to a will-call certificate which can contain a 
unique digital signature of the file source. A digital signature is an encryption of a digest with a private 
key. Though DeBry discloses the use of an audit log for a file server and Mandelbaum discloses the use 
of an audit log for a receiving apparatus which prints a received document, the use of a digest would 
serve the same purpose in each system of verifying the authenticity of the sender and the document 

It would have been obvious to one of ordinary skill in the art to add the use of a digest as 
referenced by DeBry to the audit log of Mandelbaum for an extra way to verify the authenticity of the 
sender and the document. 

As per claim 8, the applicant describes a device according to claim 1, which is met by 
Mandelbaum in view of DeBry (see above), with the following limitation which is met by Mandelbaum: 

Wherein each entry in the audit log contains the time and date of receipt of each digital document 
(Mandelbaum: Table 404 of Fig 4); 

As per claim 9, the applicant describes the device of claim 1 , which is met by Mandelbaum in 
view of DeBry (see above), with the following limitation which is met by Mandelbaum: 
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Wherein the unique identifier is an alphanumeric code and the device further comprises an input 
module for inputting the code to access the relevant entry in the audit log (Mandelbaum: Col 7, lines 7- 
13); 

5 Claims 5-7 are rejected under 35 U.S.C. 103(a) as being unpatentable over Mandelbaum in view 

of DeBry in further view of Fischer, European Patent No. 0386867B1. 

As per claim 5, the applicant describes a device according to claim 4, which is met by 
Mandelbaum in view of DeBry (see above), with the following limitation which is met by Fischer: 
10 Further comprising a hash algorithm for creating a digest of a digital document and a receiving 

module for receiving a digital representation of a previously printed out document, wherein the device is 
arranged to create a digest of the digital representation of the previously printed out document and to 
compare the newly created digest with the corresponding digest stored in the audit log (Fischer: Page 17, 
lines 21-36). 

15 Mandelbaum in view of DeBry discloses all the limitations of claim 4. However, Mandelbaum in 

view of DeBry fails to disclose the use of printing out a document and then scanning it back in to create a 
new digest for comparison of a stored digest. Fischer describes a system where a document that is 
printed out can be scanned back in. Upon doing this, a digest of it is created for comparison of it with a 
saved digital signature to make sure the document is genuine. 

20 In the case where a user wants to verify that a printed out document is authentic or was printed 

out at a particular machine, a newly created digest could be used to reference an audit record via a saved 
digest. The newly created digest would be compared with saved digests, and if a match occurs, the 
corresponding audit record is pulled up which can verify whether the document was printed out at the 
particular machine and what time it was printed out for security or non-repudiation means. It would have 

25 been obvious to one of ordinary skill in the art at the time the invention was filed to combine the ideas of 
Mandelbaum in view of DeBry, which disclose an audit log which maintains a digest of a document, with 
the ideas of Fischer, which disclose the use of creating a digest of a scanned in document, because the 
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use of a digest to reference an audit record is an obvious alternative method to the use of referencing an 
audit record via an alphanumeric code as already described by Mandelbaum (Col 7, lines 7-13) and 
DeBry (Col 8, lines 27-31). 

5 As per claim 6, the applicant describes a device according to claim 5, which is met by 

Mandelbaum in view of DeBry in further view of Fischer (see above), with the following limitation which is 
met by Fischer: 

Wherein the device is arranged to send either a stored digest or a newly created digest of a 
document to its original sender to verify the authenticity of the document back to its source by considering 
10 the transmitted results of a comparison of digests carried out at the source (Page 18, lines 29-36); 

Mandelbaum in view of DeBry in further view of Fischer disclose all the limitations of claim 5. 
Fischer also discloses a method whereby a document can be scanned in and a digest can be created for 
a document which can be transmitted and verified at a remote location of a recipient. It would have been 
obvious to one of ordinary skill in the art at the time the invention was filed to combine the ideas of 
15 Mandelbaum and DeBry with those of Fischer and incorporate the idea of sending the computed digest to 
a recipient's location for authentication in the case that a recipient wants to authenticate a document. 

As per claim 7, the applicant describes the device according to claim 5, which is met by 
Mandelbaum in view of DeBry in further view of Fischer (see above), with the following limitation which is 
20 met by all three references: 

Wherein the receiving module is a document scanning module (Mandelbaum and DeBry: use of a 
fax machine (see claim 1); Fischer: Page 17, lines 28-36). 

25 Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the basis for 
the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 
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(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
5 351(a) shall have the effects for purposes of this subsection of an application filed in the United States 

only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

10 Claim 11 is rejected under 35 U.S.C. 102(e) as being anticipated by DeBry, U.S. Patent No. 

6,385,728. 

As per claim 1 1 , the applicant describes a method of authenticating the identity of a sender of a 
received digital document comprising the following limitations: 
15 a) using a unique identifier printed on the received document to search for a corresponding 

record in a list of received document records (Col 8, lines 22-31); 

b) referencing a digital certificate associated with the selected record, the certificate being one of 
a store of certificates of received documents (Col 8, lines 22-31); 

c) carrying out an on-line authentication of the certificate (Col 9, lines 16-27); 

20 Regarding part a), the serial number is the unique identifier which is printed on the will-call 

certificate or received document. 

Regarding part b) t the store of will-call certificates is the audit log maintained at the file server. 
Regarding part c), the printer sends the file server the will-call certificate and its digital certificate 
(Col 6, lines 22-25) so the file source can verify that the printer is who the printer purports to be by 
25 contacting a CA in the same manner as described when the printer contacts a CA to verify that the user is 
who he purports to be (Col 9, lines 16-34). The applicant should note that DeBry describes validating a 
received certificate in reference to the receiving printer, but it is inherent that the file server would verify a 
received certificate in the same manner. 



30 
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Any inquiry concerning this communication or earlier communications from the examiner should 
be directed to Kevin Schubert whose telephone number is (571) 272-4239. The examiner can normally 
be reached on M-F 8:00-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's supervisor, 
5 Andrew Caldwell can be reached on (571) 272-3868. The fax phone number for the organization where 
this application or proceeding is assigned is 703-872-9306. 



Information Retrieval (PAIR) system. Status information for published applications may be obtained from 
either Private PAIR or Public PAIR. Status information for unpublished applications is available through 
10 Private PAIR only. For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) 
at 866-217-9197 (toll-free). 



Information regarding the status of an application may be obtained from the Patent Application 
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